search

networktocode / fortimanager-ansible

Ansible Modules to manage Fortinet FortiManager
Other
65 stars 34 forks source link

fortimgr_install "fails" when installing and no changes/install required #76

Closed jcsicard closed 5 years ago

jcsicard commented 5 years ago

When installing a config/policy with fortimgr_install and fortimanager determines there are no actual changes / install required on the fortigate devices, the module returns a failure to ansible: msg": "Install was NOT Sucessful; Please Check FortiManager Logs" ... "state": "warning"

I suggest a condition should be added to the API result validation to not fail and just return "changed=False" if install["result"][0]["status"]["code"] == 0 and install["result"][0]["data"]["state"] == "done": results = dict(install=install, changed=True) else: module.fail_json(**dict(status=install, msg="Install was NOT Sucessful; Please Check FortiManager Logs"))

jmcgill298 commented 5 years ago

@jcsicard is there a way to identify that the install "failed" due to there not being changes to install? Or is there a check we could do beforehand to identify if there are pending changes to be installed?

jcsicard commented 5 years ago

Yeah, sorry, was a little quick on that report before leaving the office friday... ;-)

Full response is 

failed: [localhost] (item=MY-GROUP) => 
{
    "changed": false, 
    "failed": true, 
    "item": "MY-GROUP", 
    "msg": "Install was NOT Sucessful; Please Check FortiManager Logs", 
    "status": 
    {
        "result": 
        [{
            "data": 
            {
                "adom": 512861, 
                "end_tm": 1566409606, 
                "flags": 0, 
                "history": 
                [{
                    "detail": "2019-08-21 13:46:44:no installing devices/no changes on package", 
                    "name": "MY-ADOM:MY-PACKAGE", 
                    "percent": 0, 
                    "vdom": null
                }, 
                {
                    "detail": "2019-08-21 13:46:46:no installing devices/no changes on package", 
                    "name": "MY-ADOM:MY-PACKAGE", 
                    "percent": 100, 
                    "vdom": null
                }], 
                "id": 3448, 
                "line": 
                [{
                    "detail": "no installing devices/no changes on package", 
                    "err": 0, 
                    "ip": null, 
                    "name": "MY-ADOM:MY-PACKAGE", 
                    "oid": 0, 
                    "percent": 100, 
                    "state": "warning", 
                    "vdom": null
                }], 
                "num_done": 0, 
                "num_err": 0, 
                "num_lines": 1, 
                "num_warn": 1, 
                "percent": 100, 
                "pid": 11793, 
                "src": "security console", 
                "start_tm": 1566409604, 
                "state": "warning", 
                "title": "Install Package 'MY-PACKAGE'", 
                "tot_percent": 100, 
                "user": "my-username"
            }, 
            "status": 
            {
                "code": 0, 
                "message": "OK"
            }, 
            "url": "task/task/3448"
        }]
    }
}

So basically, the elsif would look like

if install["result"][0]["status"]["code"] == 0 and install["result"][0]["data"]["state"] == "done": 
   results = dict(install=install, changed=True) 
elsif install["result"][0]["status"]["code"] == 0 and install["result"][0]["data"]["state"] == "warning" and
       install["result"][0]["data"]["line"]["detail"] =="no installing devices/no changes on package"
   results = dict(install=install, changed=False) 
else: 
   module.fail_json(**dict(status=install, msg="Install was NOT Sucessful; Please Check FortiManager Logs"))
jmcgill298 commented 5 years ago

That looks good to me; do you want to put in a PR for that?